Cybersecurity pros switch jobs for challenging work, pay, and flexible hours

Cybersecurity pros are most likely to leave to find more challenging work, better pay, and more flexible working hours, according to a survey released this morning. Office location also played an unexpected role in employees’ decision as well.

“This is one of the points that surprised me coming up in conversation,” said Javvad Malik, security advocate at AlienVault, the author of the report.

When company offices were located in unpopular locations, it was more difficult for employees to switch jobs, he said.

“I spoke to two multinational companies, and they said that they preferred going to smaller cities or our-of-the-way places,” he said. “The local governments would encourage them to stay up there, and they would get staff who would be very loyal to them because they would have fewer options.”

Of course, small town locations also make it difficult for companies to recruit staff in the first place.

[ ALSO ON CSO: 8 tips for recruiting cybersecurity talent ]

“What they typically tend to do is set up near a university, where they could get some raw talent to train up,” he said. “They were aware that they would have trouble getting experienced folks.”

According to the survey, 34 percent of cyber professionals would leave for a different job if they could get more challenging and exciting work. Better pay was in second place at 23 percent, followed by flexible working conditions at 17 percent.

Malik recommends that companies try to find ways to provide more meaning, flexibility and growth opportunities to employees in order to keep them longer.

“It’s all about feeling valued, feeling that they’re making a valuable contribution to the company,” he said.

For example, some companies are looking at automation to reduce the routine aspects of the security job.

One manager hired a developer to come in to look at workflow and create scripts to automate as many tasks as possible for his employees.

“That ended up freeing a lot of time for them — up to 30 or 40 percent,” Malik said. “This was time that he could spend allocating his team to more meaningful or interesting tasks, or education.”

Other companies saw results from simply relaxing some of the constraints their employees were under, he said.

“Allowing them to work from home one day a week, or going to or speaking at conferences if they were previously not allowed to do that — that was the biggest boost to morale,” he said.

Attending conferences creates learning opportunities and demonstrates that the company is supporting and investing in those employees, he said.

What about the risk that employees will use the conferences to network and find other jobs?

“It’s the trust factor that is sometimes lacking in the larger companies,” he said. “If more companies do that, they’d have a happier workforce. And if you don’t let them go, and they don’t feel that they’re being invested in, they’re going to leave anyway.”